On December 2, a DEFI security accident occurred in the well-known protocol Badger DAO. The total loss of users was about 2100 BTC and 151 ETH , about 120 million U.S. dollars . It was one of the most stolen security incidents this year.
In fact, DEFI security accidents have long been commonplace. In this year alone, Cream Finance was attacked twice, the most recent one was on October 27, with a loss of approximately US$130 million. The first was a loss of approximately US$18 million on August 30.
Two consecutive lightning dai attacks in 90 days exposed the fragility of its ecosystem. In the muddy water disturbed by hackers, practitioners refocused their attention on security.
What’s more serious is that its weaknesses have been repeatedly exposed, including the NFT market and Gamefi market, and development will be stagnated due to doubts about their security. We are not good at technical analysis, but we can try to interpret the security dilemma currently faced by the DEFI platform from a logical level by comparing previous hacking attacks .
Before understanding lightning dai attacks, we must first understand what lightning dais are.
“Innovative Finance” frequently used by hackers
In Lightning Dai, all agreements and risks between lenders and borrowers are controlled by the platform. The occurrence and efficiency of borrowing is much higher than that of ordinary bank borrowing methods, eliminating a lot of asset review and qualification review due to its convenience So it is called lightning dai .
In the field of blockchain, decentralized finance is the mapping of centralized finance in the blockchain, and its ecosystem uses a large number of real banking management systems, and the rules of borrowing and pledge are mostly consistent with the rule system of centralized finance.
It’s just that the centralized financial system is implemented by the rules formulated by the centralized organization, and there may be mistakes, and the implementation of DEFI’s financial rules is handed over to the smart contract. The distributed structure and the security of assets fully controlled by smart contracts have promoted the speed of development in this field.
Since the beginning of 2021, the DEFI ecosystem has rapidly developed to the level of 100 billion U.S. dollars. With the exponential growth of the pledge pool and the amount of user funds, the DEFI lightning dai form has naturally appeared.
As an innovative financial model, Lightning Dai can achieve the same speed and fast experience as Internet Lightning Dai, and can realize unsecured borrowing, but it requires repayment within the same block, otherwise the transaction will be rolled back and invalid.
Therefore, under the lightning dai model, most practitioners have experienced that without any effort and effort, they can become “rich” on the platform in seconds, and use huge amounts of funds and high-frequency trading to tap market revenue. feel. At the same time, there are also a large number of early users engaged in lightning dai gaining huge wealth.
However, the benefits of Lightning Dai have also been seen by hackers. The incentives for malicious attacks on its protocols have become larger and larger, so that more hackers have appeared, at the expense of ordinary users’ assets, through repeated tests, using protocol loopholes to steal funds in the lightning dai pledge pool.
So, how exactly do hackers carry out lightning dai attacks?
DEFI lightning dai attack
It is generally believed that lightning attacks usually use the lightning dai protocol and platform vulnerabilities to bypass the rollback mechanism through technical means, carry out arbitrage or manipulate prices, and then profit by influencing market prices.
We usually think that hackers generally have two purposes. One is to steal the information in the other party’s system (including digital assets and other information), and the other is to show off purely by breaking into the other party’s defense system. Technical strength.
However, the lightning attack in the DEFI field is not like a real hacking act. It does not use brute force cracking (in fact, a small number of hackers in a distributed structure can hardly crack it), nor does it look for system vulnerabilities to show its strength.
In principle, lightning attacks in the DEFI field usually do not look like hackers. They use financial and capital leverage to move the market at a very low cost, and to manipulate prices between multiple agreements.
Therefore, the purpose of lightning attacks is generally clear. It is not an unconscious attack by hackers to show how powerful the direct technology is, but the purpose is a large number of digital assets . In this regard, it is not so much that the DEFI lightning attack is a “hacker”, it is better to say that these people are financial giants who are well versed in the rules of digital asset trading.
In addition to the above-mentioned manipulation of the market through technical and financial means for profit, resulting in direct asset losses for users, the DEFI lightning attack will also manipulate the governance structure to obtain a large number of ecological votes through the lightning dai attack, and change the platform at a lower cost. Governance rules, so that the rules infinitely fit their own interests, in order to achieve the purpose of profit.
From the two points of capital manipulation and governance structure manipulation, once the DEFI platform is successfully attacked by the lightning dai, the DEFI smart contract without centralized intervention becomes a money printing machine , and hackers can continue to use smart contracts that strictly abide by the contract mechanism. “Cash out” funds from the platform.
For ease of understanding, we can refer to the previous lightning dai attacks this year to find the attacker’s entry point, and at the same time, we can see where the weakest part of the DEFI lightning dai mode is!
Lightning dai attacks against
1. On May 30, 2021, Belt Finance, an AMM protocol that combines multi-strategy revenue optimization on the BSC chain, was attacked by lightning dai .
The attack originated from the attacker by repeatedly buying and selling BUSD, exploiting the loopholes in the calculation of the balance of the bEllipsisBUSD strategy to manipulate the price of beltBUSD for profit. (Please note that the attacker in this incident ultimately manipulated the price of BELTbusd, not to control users and funds in the liquidity pool.)
The attack method is as follows:
Step 1: The attacker first loaned 8 lightning dais from PancakeSwap. Among them, 10 million BUSD was deposited in the bEllipsisBUSD agreement;
Step 2: Deposit 187 million BUSD into the bVenusBUSD strategy, and then exchange 190 million BUSD into 169 million USDT through the Ellipsis contract;
This is a crucial step. In this incident, the attacker performed a total of 7 withdrawal-change-recharge operations . This repeated operation does not make the attacker profitable, but such a huge amount of funds flow The price of beltBUSD has an impact.
When the price of beltBUS has an impact, it is actually equivalent to the attacker manipulating the price of the digital asset. Then the attacker uses the loopholes in the calculation of the bEllipsis contract balance to perform a new withdrawal-exchange-recharge. Able to generate balance. In other words, at this point, profits have been generated!
After the profit is generated, the attacker uses the Nerve (Anyswap) cross-chain bridge to convert the acquired assets into ETH in batches, and then move away.
2. On June 23, 2021, the machine gun pool related to Nerve in Eleven Finance was attacked by lightning.
The direction of the attacker’s attack was that Eleven Finance’s Emergencyburn calculated the balance incorrectly and did not implement the destruction mechanism.
The attack method is as follows:
In the first step, the attacker lends BUSD from PancakeSwap and converts part of the BUSD into NRV; this step is a normal operation and anyone can complete it.
In the second step, the attacker adds liquidity to PancakeSwap by adding Nerve and BUSD to obtain LP tokens;
In the third step, the attacker puts the LP token into the machine gun pool related to Nerve in Eleven Finance to obtain the nrvbusd LP token;
Through repeated exchanges, deposits and withdrawals, when the attacker withdraws the Pancake LP token, the Emergencyburn function in ElevenNeverSellVault should destroy the 11 nrvbusd LP token in exchange for the Pancake LP token, but Emergencyburn did not perform the burn (destroy) action.
The attacker quickly discovered this vulnerability and took advantage of it.
The attacker then created the 0x01ea contract and lent 30.9 BTCB; the 0xc0ef contract lent 285.66 ETH and 0x87E9 lent two lightning dais of 2,411,889.87 BUSD and 7,693 BUSD to attack. In the end, it made a profit of nearly 4.6 million U.S. dollars and then moved away.
3. This attack by Cream Finance. On October 27th, Cream Finance was used by hackers to repeatedly use “Lightning Dai” to lend and borrow funds between two addresses (A, B) to exploit a pricing loophole.
The attack method is as follows:
The first step: the attacker uses the A address to obtain 500 million US dollars worth of token stablecoins from MakerDAO lightning dai, and mints yUSD from its yPool, and then deposits yUSD into Year’s yUSD strategy.
The attacker used 500 million US dollars of tokens to mint 500 million US dollars of crYUSD. Please note that there is no problem in the first step, just a huge amount of exchange.
Step 2: Through address B, the attacker obtained $2 billion worth of ETH from AAVE lightning dai to use as collateral for CREAM. This allows it to borrow another approximately 500 million U.S. dollars of yUSD and deposit it again to mint crYUSD.
Step 3: The attacker starts the cycle of depositing and lending between the two accounts, until account A has about 1.5 billion U.S. dollars of crYUSD and about 500 million U.S. dollars of yUSDVault.
In the repeated cycle of operations, the price of yUSDVault was swayed by this operation and fluctuated. The conversion and casting that had not been profitable began to generate profits.
After the attack was completed, the attacker carried 130 million U.S. dollars in BTC and ETH away.
Through the above three lightning dai attacks, I believe we can roughly summarize the real security risks of a DEFI lightning dai platform.
Security and vulnerability of DEFI platform
I still have to say that the asset security of the DEFI platform is reliable. Please note that the asset security mentioned here is the user’s asset security. In the process of pledge and transaction of DEFI, users’ funds are completely managed by smart contracts, not through centralized teams or asset management platforms. Therefore, the platform has no problem in terms of the security of user funds.
However, this security is fragile. Because all transactions require the help of strategies, a platform is often compatible with many protocols. The logic between the agreement and the agreement may conflict. This kind of agreement conflict is completely without problems in the process of general users, and the funds in the hands of general users cannot cause market fluctuations.
However, when an attacker uses a huge amount of funds to manipulate prices, because there is no centralized team to manage, such fluctuations can only be allowed to happen. The exchange “balance” caused by price fluctuations is therefore generated.
The balance of each Token is quite small, but when this balance is enlarged to hundreds of millions or even billions of dollars, a larger profit is formed.
When the attacker uses the conflict of the protocol logic and price manipulation to complete the profit extraction, the “false” profit caused by the fluctuation will form a funding hole. In the end, all users and the platform will pay for these holes. Therefore, the security of DEFI lightning dai Sex is fragile.
After Cream Finance was attacked, the prevailing view in the industry was that the development team was eager to expand the market and therefore compatible with too many protocols. This unscrupulous compatibility is the real reason for the continuous attack of lightning dai attacks. What more people see is that the risks exposed by DEFI lightning dai will seriously hinder the development of the industry in the future.
Cream Finance was attacked. The industry should not just see who will pay for the final loss and how the user’s confidence can be restored. What should be more noticed is that the solid base building may not determine the stability of the upper layer.
Whether it is a “backdoor” deliberately left by developers or a “leek field” targeted by industry giants is actually more worrying for users.
In addition, how to avoid the impact of price fluctuations in a short period of time on the agreement itself at the beginning of the design of the Lightning Protocol, or how to avoid large-scale funds maliciously on the market and the fluctuation of the price of a single token still needs to be further explored.
In any case, the development of the industry should not stop eating because of choking, but we must also know how to make up for it. When the logical loopholes in the agreement are amplified by price manipulation, the losses to the industry will be huge. Now that the industry has solved the basic safety problem, it is time to reinforce and redefine the superstructure.
Posted by:CoinYuppie，Reprinted with attribution to:https://coinyuppie.com/the-highest-record-of-defi-stolen-this-year-breaks-120-million-u-s-dollars-financial-innovation-has-become-a-hacker-artifact/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.